[OpenAFS] OpenAFS still in development?
Sun, 21 Jun 2015 12:38:12 -0400
This is a cryptographically signed message in MIME format.
Content-Type: text/plain; charset=utf-8
I do not believe that the OpenAFS mailing lists are an appropriate forum
to discuss AuriStor. My response to Michael provided details on
AuriStor because I felt it was necessary in order to properly answer the
I encourage anyone that has questions about AuriStor to send them to
contact us via
On 6/21/2015 4:55 AM, Harald Barth wrote:
>> 4. Is AuriStor a replacement for OpenAFS?
>> AuriStor is designed to be a general purpose, platform independent,
>> secure, distributed file system that can be successfully deployed
>> internally, across the Internet, and within public cloud services.
>> AuriStor is an IBM AFS(R) and OpenAFS compatible file system that
>> . and more
> I have not found a list of supported platforms (client and server)
> comparison for OpenAFS and AuriStor. Because if it does not
> run on the platform, it's not a replacement.=20
The question of "supported platforms" is an interesting one because it
is very unclear what it means for OpenAFS to "support" a platform. What
are the criteria? Is it sufficient to say that if you can build OpenAFS
on the OS and hardware architecture that it is "supported"?
Or are there other requirements such as
* there must be packaging available for the platform
* there must be binaries distributed
. from openafs.org
. from the OS distribution
. from a third party (including commercial support vendors)
* there must be an extensive test suite that is passed
* for OS vendors that require digital signatures there must
be a signed distribution be present
* technical support must be available
I am quite sure there are other criteria that could be added to the mix.
At the AFS and Kerberos Best Practice Workshops and the European AFS
Conferences the Gatekeepers have often included a list of OSes as part
of the OpenAFS Status Report. Inclusion in the list has in general
meant that the referenced stable branch of OpenAFS builds on the listed
major version of the OS. Inclusion of an OS in the list has not implied
much more than that because OpenAFS does not have an extensive test
suite to run and because binaries have not always been consistently
For AuriStor to be "supported" requires the availability of tested,
signed (where applicable) and certified (where applicable) binaries.
The current list of OS families that YFSI is committed to supporting
. Red Hat Enterprise Linux
(YFSI is a Red Hat Technology Partner)
* Microsoft Windows
* Apple OSX and iOS
* Oracle Solaris
* IBM AIX
Servers are supported everywhere but on Windows, iOS and Android but the
performance varies significantly based upon the OS release, processor
architecture, and underlying hardware so there are combinations that we
recommend and those we do not.
The failure to list an OS family or Linux distribution does not imply
that YFSI will not support AuriStor on that platform. It only implies
that there has been insufficient customer interest to this point for
YFSI to expend the necessary resources on development, testing and
certification (where applicable.)
> I have not found a price list of the products and what they contain.
You are correct. YFSI performed a survey of various Enterprise class
software product web sites and found that very few included a price
schedule. Please contact us.
> However, there is much "we are better" advertisement. That's not
> something that works well in all cultures.
If you have suggestions on what should be included on the web site we
are interested in hearing them. Please contact us off the OpenAFS
> My conclusion of the current "landscape" is that if you have chosen a
> closed source operating system that you pay money for, in the future
> you'll have to pay money for a decent file system as well, either
> directly to the OS vendor or to a third party. That will in the future
> be necessary for any other function enhancement as well. That trend
> will continue and sooner or later include every app(lication) that you
> want to run on that platform.
It is certainly possible to view the landscape as FOSS platforms are
better because you do not have to pay money and because there are fewer
requirements in place that are intended to enforce quality.
I have spoken with many Microsoft Program Managers and Developers.
Their reasons for enforcing the new digital signing and certification
requirements are reasonable given their goals. They are tired of end
user systems being exploited or made unstable because of third party
products that integrate with the OS with full trust and which are not
sufficiently designed against attack or with quality and privacy in
mind. Microsoft is committed to providing their enterprise customers
with trusted platforms whether those are hosted on physical machines
owned by the enterprise or whether they are virtual machines hosted on
HyperV or Azure.
Microsoft's staff believes they have no choice but to impose new
requirements because of the actions of various government entities from
multiple countries and the persistent attacks from crime related
Microsoft has finally followed Apple's lead by defining an application
model that permits applications to be distributed, installed, upgraded,
and removed without altering the underlying OS footprint. In the long
run this is going to be a big win for consumers because of the increased
stability it will bring. However, it is also true that this new model
of software development and deployment is going to be very expensive to
transition to because there are many assumptions embedded in existing
Windows software that are no longer true when a well-defined and
enforced application model is imposed.
For Apple the goal is to sell consumer products that are as easy to use
and maintain as a toaster. That goal is supported by improving the
security footprint of the OS. Doing so requires limiting the ability to
install arbitrary kernel extensions to trusted parties.
As for the argument that FOSS operating systems are better because you
do not have to pay money for them. I do not buy into that argument.
Quality software is developed by talented humans that require housing,
food, and health care, that raise families, and that deserve the
opportunity to learn, vacation and retire. If you want quality software
you need people, and paying people requires money. I have yet to find a
money tree nor has a leprechaun offered me a pot of gold.
The cost of developing OpenAFS or AuriStor is no different for a FOSS
operating system such as Linux or a closed source file system such as
Oracle Solaris. In many regards the FOSS platform has proven to be more
expensive to develop for because of the lack of stable ABIs and the
large degree of variability between distributions.
In the end, if you need a quality file system it is going to cost
someone something. Either upfront as grants, or on the back-end through
the sales of license fees, services, acceptance of advertising and/or
loss of privacy. Or it will come out of the quality of life of the
developers. We have all seen what our friends that spent 15 years
sacrificing to support OpenSSL have gone through.
My life experience has taught me that it is unfair to expect people to
work for free or to work at a discount simply because a cause is worthy.
It is fair for someone to volunteer to do something for free because
they want to but the moment that the same person is asked to do it they
should be paid for their time and expertise.
Recently the Freakonomics podcast had a relevant piece titled "Should We
Really Behave Like Economists Say We Do?"
Its the story of Homo Economicus,
a human being that is a rational and self-interested actor that always
chooses the most optimal path through life. The podcast analyzes in a
funny manner how Home Economicus would live life whether it be selecting
a mate, or choosing entertainment, or supporting public activities and
works such as voting or the arts.
I bring up this podcast because in many regards the funding or lack of
funding of FOSS is the process of rational and self-interested actions
at work. A rational organization is not going to pay money for
something that is freely available nor are they going to fund developers
to build something that others will get to use for free. That is the
challenge for OpenAFS.
The challenge for AuriStor is that because a large sum of money was
invested in its development those funds must be recouped from those
organizations that will benefit from its use.
In the end software development has to be a partnership between those
that build and those that deploy. If those that deploy do not fund
those that build there will not be sufficient development hours and
talent to build the solutions those that deploy require. The choice
between FOSS, commercial open source for customers and commercial closed
source is a business model. The choice of business model is often
dictated by economic circumstances and the economic landscape.
Up until Feb 2012 YFSI gave everything it developed to OpenAFS. I
stopped doing so for much the same reason that Oracle restricted access
to Solaris source code. Distributing source code before the product
ships and begins to generate revenues undermines the ability to fund the
R&D that produces the software in the first place.
My goal is to develop software that enables our end users to deploy
applications and distribute information both within and without their
private networks using a common file namespace for all networked devices
and best of breed network security. One of the strengths of /afs is
that it has already survived three decades. I want it to continue to
exist a century from now.
Please direct all future questions about AuriStor to Your File System Inc=
Please join the OpenAFS Foundation Discuss mailing list to discuss
funding models for OpenAFS
P.S. My apologies for the long reply.
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature